The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.

Claude collaboration tools left the door wide open to remote code execution

Anthropic fixed the flaws - but the AI-enabled attack surfaces remain Security vulnerabilities in Claude Code could have allowed attackers to remotely execute code on users' machines and steal API ...
SecurityWeek

SolarWinds Patches Four Critical Serv-U Vulnerabilities

SolarWinds has patched four critical-severity remote code execution vulnerabilities in the Serv-U enterprise file transfer product.
Bleeping Computer

Apache fixes critical OFBiz remote code execution vulnerability

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.
Bleeping Computer

Apache fixes remote code execution bypass in Tomcat web server

Apache has released a security update to address an important vulnerability in Tomcat web server that could lead to an attacker achieving remote code execution. Apache Tomcat is an open-source web ...
WinBuzzer

10,000+ Claude Desktop Users Exposed by Zero-Click Flaw

A zero-click vulnerability in Claude Desktop Extensions has exposed over 10,000 users to remote code execution through ...
Windows Report

Critical Notepad Security Bug Could Execute Remote Scripts, Now Fixed

Microsoft fixes a high-severity Notepad RCE flaw tied to Markdown files. Install the latest updates to protect your PC.

Microsoft plugs remote code vulnerability in Notepad app on Windows 11

Microsoft fixes a critical Notepad vulnerability in Windows 11 that could allow remote code execution via malicious Markdown files. Here are the details ...